Definition of terms for the implementation of data and information protection laws

We would like to point out that www.geschgehg.eu does not carry out any ISO/IEC 27001 certification or training. Nevertheless, we offer our customers the opportunity to integrate the internationally leading rules and standards in the area of information security management within the scope of the ILPA program!

Why are we adhering to this set of rules with our services and solutions, even though it is not mandatory for most of our customers?

We see it as a very good guide that allows companies to periodically check themselves for stability in terms of security management and thus also to keep pace with rising technological standards and potential hazards.

However, companies can apply the rules without incurring the high cost of obtaining and maintaining ISO/IEC 27001 certification. What the rules do really well is the risk-based framework, which has strong similarities with various compliance guidelines. It is intended to identify specific threats to information security and thus minimize the risk to the company. It also ensures more protection of trade secrets (according to EU Directive 2016/943, Trade Secrets Act).

Trade Secret Law → Industry Standards → GDPR → ISO/IEC 27001

If one considers this set of rules as the basis for the GDPR (see our competencies under www.dsgvo-risiko.de), the next two levels of our risk pyramid are (possibly required) industry standards and the protection of trade secrets according to the Trade Secrets Act!